Wednesday, October 28, 2009

(BUSINESS WIRE)--AFCOM, the world’s largest data center association, today (October 27) announces its 2009/2010 Data Center Trends survey that offers perspective and insights on the major trends facing 436 commercial, government and college/university data centers throughout the world; twenty percent responsible for budgets of $10M plus. Significant findings reveal that though threat of cyber terrorism is real, it is not being adequately addressed by the world's keepers of the most confidential financial, military and personal data. In addition, it reveals the government is behind its private industry counterparts in terms of greening initiatives. Meanwhile, it shows that the mainframe may be losing its place in worldwide data centers, as servers become more capable. And cloud computing, despite the hype, hasn’t pushed beyond 15 percent acceptance at this point. In comparison, 73 percent have implemented virtual processing.

“We designed this survey to better understand current trends in the industry, and to help our members understand what others are doing to get to that next level in operational effectiveness. In many cases, the results and analysis of this survey are bringing awareness to areas that need improvement. For instance, the industry needs a clear definition of cloud computing and virtualization; we’ve supported data center professionals for three decades now and many of these terms seem merely re-packaged and over-marketed new names for technologies that have actually been around for quite some time,” said Jill Eckhaus, CEO of AFCOM. “Our analysis also shows that data center managers need to develop more comprehensive cyber terrorism policies, and get more aggressive in greening, particularly in government agencies where greening lags behind private industry. Finally, it’s time to decide where the mainframe is still viable and needed, and where high-end servers can do a more efficient job.”

A closer look – survey background

AFCOM is the only data center association that represents both the IT and facilities side of the data center. Respondents, part of AFCOM’s 4,500 member data center sites, represent 27 countries, 83 percent in the U.S. and 17 percent overseas; 60 percent are responsible for Information Technology, 31 percent Facilities and 9 percent represent other roles in the data center. The survey, completed in early October in conjunction with AFCOM’s bi-annual Data Center World Conference and Expo, asked respondents questions regarding their greening initiatives, cyber terrorism, emerging technologies, mainframe usage and about their plans for consolidation, performance monitoring and storage strategies, among other initiatives.

A closer look – survey results

Data center greening, no longer just a concept, but obstacles still exist

The survey re-iterates that greening of the data center is no longer just a concept – it is actually taking place, and on a large scale, with 71.3 percent of all respondents indicating they are actively engaged in greening initiatives at this time. And while 71.3 percent are, in fact, engaged in greening, only 42.2 percent have a “formal” greening initiative. According to respondents, the most important results they have experienced as a result of implementing green measures are in power efficiency, 60.8 percent report they are using less power and 51.4 percent have implement cooling efficiency strategies. In addition to power and cooling efficiencies, 11.5 percent also report a significant savings in water usage.

Cyber terrorism has become even more prevalent in the past few years. From hackers attacking NATO computers to cyber-attacks in China, Estonia, Russia, Ukraine, South Korea and the U.S., it’s not likely a threat that will go away any time soon. Data center professionals must be well-equipped to handle and respond to cyber terrorist attacks, but according to AFCOM’s survey, there’s considerable room for improvement.

Respondents revealed that 60.9 percent of all data centers worldwide officially recognize cyber terrorism as a threat they need to deal with, but only a little over one-third (34.4 percent) have included it in their disaster/recovery plans, which would include their best defense plans if attacked. Only one in four, or 24.8 percent, has addressed cyber terrorism in their policies and procedures manuals and only 60.2 percent have a written policies and procedures manual. Meanwhile, less than one in five, or 19.7 percent provide any cyber terrorism employee training. On the positive side, however, 82.4 percent report that they do perform background security checks on all potential new employees, another solid defense against cyber terrorists.

Data center consolidation spurred by economic reality

Data center consolidation has historically been cyclical in this industry. As the economy suffers, more companies have traditionally looked to consolidation as a method of saving money. The economic downturn we are experiencing today is no exception, with 62.1 percent of all respondents either already in the process of consolidating one or more data centers, or seriously considering it. More than half of respondents (52.1 percent) plan to relocate their newly consolidated data center to another existing facility, or build an entirely new one to accommodate the additional requirements.

Surprisingly, in addition to the slim 14.9 percent who utilize cloud computing, this technology has been considered by an additional 46.3 percent, but never implemented.

AFCOM’s Data Center Institute (DCI) has undertaken an in-depth research project on the myths and realities surrounding cloud computing that will be released at AFCOM’s 2010 Data Center World in Nashville, Tennessee, March 7-11. To register, visit www.datacenterworld.com.

The state and fate of the mainframe

Only 39.6 percent of all data centers worldwide still operate mainframe computer systems today. In data centers that have mainframes installed, the median number in residence is two. And of all the data centers that have mainframes installed, 45.7 percent expect to replace one or more of them in the next two years. Of those that are expecting to replace their mainframes during the next two years, more than two out of three, or 67.1 percent will be replacing them with new mainframes, and 32.9 percent will be replacing them with high-end servers or other alternatives.

Based on this data, AFCOM concludes that the number of data centers using mainframes today versus five and ten years ago, is going down, and the future will continue this trend. Approximately one-third, or 32.9 percent of all existing mainframe data centers will no longer use mainframes in the future. Of all data centers with no installed mainframes today, 38.2 percent report that they did have them ten years ago and another 27.2 percent had them five years ago. And, according to respondents, five years from now, an additional one-third of those with mainframes today will no longer have them.

Performance monitoring gets more active

As witnessed by the number of performance monitoring tools and dashboards on display at AFCOM’s recent 2009 Data Center World in Orlando, performance monitoring in the data center is finally coming into its own, with many critical systems and components under 24/7 scrutiny. As the consequence of error in the data center has risen so dramatically (with the entire company dependent on all systems being continually available), the need to find and correct any and all malfunctions on the fly has become a necessity. In many cases, automated performance monitoring helps fulfill that need.

According to the survey, power consumption is now being monitored by 68.1 percent of respondents, network traffic by 65.8 percent, storage capacity by 64.4 percent, server utilization by 61.7 percent and Web security by 54.1 percent.

Data center facilities in terms of growth, expansion and relocation

Sixty percent of all respondents report that they expect to require additional data center space within the next five years. 32.6 percent expect to handle the growth and need for additional space by physically adding to and/or upgrading existing facilities and 30 percent report they will relocate to a new facility. Additional growth and expansion strategies to include 22.0 percent that will utilize a co-location center to meet their increased space requirements, 13.8 percent will use managed hosting services, and 11.2 percent will add pods or Data centers-in-a-box.

Changing storage requirements of the data center

Nearly two out of three worldwide data centers, or 63 percent, report a dramatic increase in their storage requirements over the past five years. Another 35.9 percent report a ‘slight’ to ‘moderate’ increase and only percent of all data centers saw their storage requirement decrease. Somewhat surprisingly, only 8.3 percent report that the main cause of their increased storage needs has been government regulations – while a whopping 77.5 percent attribute it to business growth.

“We’ll use the results of the survey to help us plan tracks, sessions and round tables at the 2010 Data Center World conference in Nashville in order to help professionals develop solutions for trouble spots and share successes and failures to date around all these trends,” continued Jill Eckhaus, AFCOM CEO. AFCOM’s next Data Center World conference and trade show is scheduled for March 7-11, 2010 at the Gaylord Opryland Resort & Convention Center. For more information and to register, visit www.datacenterworld.com. “It’s going to be a great show and corresponds with AFCOM’s 30-year anniversary – if you cover or work in the data center, you’ll want to be there. Our show isn’t just a display of data center products; it’s a place where extraordinary education takes place.”

Tuesday, October 27, 2009

/PRNewswire/ -- Small business owners' cybersecurity policies and actions are not adequate enough to ensure the safety of their employees, intellectual property and customer data, according to the 2009 National Small Business Cybersecurity Study. The study, co-sponsored by the National Cyber Security Alliance (NCSA) and Symantec [Nasdaq: SYMC], as part of this year's National Cyber Security Awareness Month, surveyed nearly 1,500 small business owners across the United States about their cybersecurity awareness policies and practices.

The survey confirmed that small businesses today are handling valuable information - 65 percent store customer data, 43 percent store financial records, 33 percent store credit card information, and 20 percent have intellectual property and other sensitive corporate content online. 65 percent of the business survey claimed that the Internet was critical to their businesses success yet they are doing very little to ensure that their employees and systems are not victims of a data breach.

The survey shows discrepancies between needs and actions regarding security policies and employee education on security best practices. Only 28 percent of U.S. small businesses have formal Internet security policies and just 35 percent provide ANY training to employees about Internet safety and security. At the same time, 86 percent of these firms do not have anyone solely focused on information technology (IT) security. For those small businesses that do provide cybersecurity training, 63 percent provide less than 5 hours per year.

The lack of focus on cybersecurity awareness and education on the part of U.S. small businesses can lead to the loss of vital customer and company data. The study found that while more than 9 in 10 small businesses said they believe they are safe from malware and viruses based on the security practices they have in place, only 53 percent of firms check their computers on a weekly basis to ensure that anti-virus, anti-spyware, firewalls and operating systems are up-to-date and 11 percent never check them.

"The 20 million small businesses in the U.S. are a critical part of the nation's economy. While small business owners may understandably be focused on growing their business and the bottom line, it is imperative to understand that a cybersecurity incident can be disruptive and expensive," said NCSA Executive Director Michael Kaiser. "To the millions of very savvy entrepreneurs across our nation, our message is simple - being smart about the online safety of your employees, business and customers is a critical part of doing business. Cybersecurity is not a nice thing to have for American businesses, it is critical to their survival."

Meanwhile, small businesses seem out of sync with some Internet security risks. 75 percent of small businesses said that they use the Internet to communicate with customers yet only 6 percent fear the loss of customer data and only 42 percent believe that their customers are concerned about the IT security of their business. What's more, 56 percent of small businesses believe cybersecurity is the cost of doing business while 21 percent believe it is just "a nice thing to have."

Laptops, PDAs and wireless networks are great conveniences to businesses, yet they carry with them an added responsibility to ensure the data is secure. Today, more than 66 percent of employees take computers or PDAs containing sensitive information off-site. Wireless networks are gateways for hackers and cyber criminals and must be secured by complex passwords. Unsecured wireless networks are akin to leaving the front door of a filing cabinet wide open on the sidewalk. 62 percent of the companies surveyed have a wireless network but 25 percent of them do not password protect their wireless networks. This is a significant security risk as hackers can steal information being passed through these open networks.

"Security threats are becoming more complex and employees of small businesses are increasingly the target of attacks that expose their organizations to data loss," said Sheri Atwood, vice president, global solutions and programs, Symantec. "Security awareness and education, combined with a comprehensive security solution, can empower small businesses and their employees to protect themselves and their information."

For more information on how you can keep you and your business safe online visit www.staysafeonline.org. For additional results from the Zogby study, visit: http://staysafeonline.mediaroom.com/index.php?s=67

The demographic makeup of the small business polled focused on number of employees and revenue. 56 percent of those polled were companies with one-to-nine employees, 10 percent had 10-25 employees, five percent had 26-50 employees and five percent had more than 51 employees. In terms of revenue, 56 percent had annual revenue of $249,000 or less, 11 percent have revenue of $250,000-$499,000, eight percent have revenue of $500,000 to $1 million. 11 percent have revenue between $1 million and $5 million and five percent have revenues exceeding $5 million. The Zogby International poll has a margin of error of +/- 2.6 percentage points.

Friday, October 23, 2009

In the next chapter of a longstanding effort to preserve the free and open Internet, the Federal Communications Commission is seeking public input on draft rules that would codify and supplement existing Internet openness principles. In addition to providing greater predictability for all stakeholders, the Notice is aimed at securing the many economic and social benefits that an open Internet has historically provided. It seeks to do so in a manner that will promote and protect the legitimate needs of consumers, broadband Internet access service providers,entrepreneurs, investors, and businesses of all sizes that make use of the Internet.

The Commission has addressed openness issues in a variety of contexts and proceedings,including: a unanimous policy statement in 2005, a notice of inquiry on broadband industrypractices in 2007, public comment on several petitions for rulemaking, conditions associatedwith significant communications industry mergers, the rules for the 700 MHz spectrum auctionin 2007, specific enforcement actions, and public en banc hearings. During this time period,opportunities for public participation have generated over 100,000 pages of input inapproximately 40,000 filings from interested parties and members of the public.

The process today’s Notice initiates will build upon the existing record at theCommission to identify the best means to achieve the goal of preserving and promotingthe open Internet.

Recognizing that the proposed framework needs to balance potentially competinginterests while helping to ensure an open, safe, and secure Internet, the draft rules would permitbroadband Internet access service providers to engage in reasonable network management,including but not limited to reasonable practices to reduce or mitigate the effects of networkcongestion.

Under the draft proposed rules, subject to reasonable network management, a provider ofbroadband Internet access service:1. would not be allowed to prevent any of its users from sending or receiving thelawful content of the user’s choice over the Internet;2. would not be allowed to prevent any of its users from running the lawfulapplications or using the lawful services of the user’s choice;3. would not be allowed to prevent any of its users from connecting to and usingon its network the user’s choice of lawful devices that do not harm thenetwork;4. would not be allowed to deprive any of its users of the user’s entitlement tocompetition among network providers, application providers, serviceproviders, and content providers;5. would be required to treat lawful content, applications, and services in anondiscriminatory manner; and6. would be required to disclose such information concerning networkmanagement and other practices as is reasonably required for users andcontent, application, and service providers to enjoy the protections specified inthis rulemaking.

The draft rules make clear that providers would also be permitted to address harmful traffic and traffic unwanted by users, such as spam, and prevent both the transfer of unlawful content, such as child pornography, and the unlawful transfer of content, such as a transfer that would infringe copyright. Further, nothing in the draft rules supersedes any obligation a broadband Internet access service provider may have -- or limits its ability -- to deliver emergency communications, or to address the needs of law enforcement, public safety, or national or homeland security authorities, consistent with applicable law.

The Commission is also seeking comment on how it should address “managed” or “specialized” services, which are Internet-Protocol-based offerings provided over the same networks used for broadband Internet access services. While the proceeding will seek input on how best to define and treat such services, managed services could include voice, video, and enterprise business services, or specialized applications like telemedicine, smart grid, or eLearning offerings. These services may provide consumer benefits and lead to increased deployment of broadband networks.

The Notice asks how the Commission should define the category of managed or specialized services, what policies should apply to them, and how to ensure that broadband providers’ ability to innovate, develop valuable new services, and experiment with new technologies and business models can co-exist with the preservation of the free and open Internet on which consumers and businesses of all sizes depend.

The Notice affirms that the six principles it proposes to codify would apply to all platforms for broadband Internet access, including mobile wireless broadband, while recognizing that different access platforms involve significantly different technologies, market structures, patterns of consumer usage, and regulatory history. To that end, the Notice seeks comment on how, in what time frames or phases, and to what extent the principles should apply to non-wireline forms of broadband Internet access, including mobile wireless.

Recognizing that the Commission’s decisions in this rulemaking must reflect a thorough understanding of current technology and future technological trends, the Chief of the Commission’s Office of Engineering & Technology will create an inclusive, open, and transparent process for obtaining the best technical advice and information from a broad range of engineers.

The adoption of this Notice will open a window for submitting comments to the FCC. Comments can be filed through the Commission’s Electronic Comment Filing System, and are due on Thursday, January 14. Reply comments are due on Friday, March 5. In addition, the rulemaking process will include many other avenues for public input, including open workshops on key issues; providing feedback through openinternet.gov, which will include regular blog posts by Commission staff; and other new media tools, including IdeaScale, an online platform for brainstorming and rating solutions to policy challenges.

U.S. Senator John McCain today (October 22) introduced legislation that would prohibit the Federal Communications Commission from enacting rules that would regulate the Internet. The Commission will meet today to determine whether the historically open architecture and free flow of the Internet should be subject to onerous federal regulation. Specifically, the Commission will seek to impose “net neutrality” rules that would reign in the network management practices of all Internet service providers, including wireless phone companies.

This government takeover of the Internet will stifle innovation, in turn slowing our economic turnaround and further depressing an already anemic job market. Outside of health care, the technology industry is the nation’s fastest growing job market. Innovation and job growth in this sector of our economy is the key to America’s future prosperity. In 2008, while most industries were slashing jobs in the worst economy in nearly 30 years, high tech industries actually added over 77,000 good high-paying jobs. Just this month, Google and Yahoo both released positive earnings reports.

The wireless industry exploded over the past twenty years due to limited government regulation. Wireless carriers invested $100 billion in infrastructure and development over the past three years which has led to faster networks, more competitors in the marketplace and lower prices compared to any other country. Meanwhile, wired telephones and networks have become a slow dying breed as they are mired in state and Federal regulations, universal service contribution requirements and limitations on use.

“Today I’m pleased to introduce ‘The Internet Freedom Act of 2009’ that will keep the Internet free from government control and regulation,” said Senator John McCain. “It will allow for continued innovation that will in turn create more high-paying jobs for the millions of Americans who are out of work or seeking new employment,” McCain continued. “Keeping businesses free from oppressive regulations is the best stimulus for the current economy.

Tuesday, October 6, 2009

Yesterday, it was revealed that 10,000+ Hotmail accounts were compromised and all of the usernames and passwords of these accounts were posted online. It was a major security and scam issue, but it was thought to only affect Hotmail users.

Monday, October 5, 2009

A fraudulent e-mail, initially appearing around June 16, 2009, claims to contain a confidential FBI report from the FBI "Weapons of Mass Destruction Directorate." The subject line of the email is "RE: Weapons of Mass Destruction Directorate," and contains an attachment "reports.exe". This message and similar messages may contain a file related to the "W32.Waledac" trojan software, which is designed to steal user authentication credentials or send spam messages.

Do not click on any links associated with this e-mail or similar e-mails, it is a hoax.

The FBI does not send unsolicited e-mails or e-mail official reports. Consumers should not respond to any unsolicited e-mails or click on any embedded links, as they may contain viruses or malicious software.

Below is an example of the fraudulent e-mail message:

CLASSIFIEDFEDERAL BUREAU OF INVESTIGATIONINTELLIGENCE BULLETIN

Weapons of Mass Destruction Directorate

HANDLING NOTICE: Recipients are reminded that FBI Intelligence Bulletins contain sensitive terrorism and counterterrorism information meant for use primarily within the law enforcement and homeland security communities. Such bulletins shall not be released, either in written or oral form, to the media, the general public, or other personnel who do not have a valid need-to-know without prior approval from an authorized FBI official, as such release could jeopardize national security.

Link to malicious software (report.exe)

If you have been a victim of Internet crime, please file a complaint at www.IC3.gov.

Thursday, October 1, 2009

According to the Internet Crime Complaint Center (IC3), there has been an increase in the number of hijacked social networking accounts reported to www.ic3.gov.

One of the more popular scams involves online criminals planting malicious software and code onto to victim computers. It starts by someone opening a spam e-mail, sometimes from another hijacked friend’s account.

When opened, the spam allows the cyber intruders to steal passwords for any account on the computer, including social networking sites. The thieves then change the user’s passwords and eventually send out distress messages claiming they are in some sort of legal or medical peril and requesting money from their social networking contacts.

So far, nearly 3,200 cases of account hijackings have been reported to the IC3 since 2006.

Cyber thieves are also using spam to promote phishing sites, claiming a violation of the terms of service agreement or creating some other issue which needs to be resolved. Other spam entices users to download an application or view a video. Some of these messages appear to be sent from friends, giving the perception of legitimacy. Once the user responds to a phishing site, downloads an application, or clicks on a video link, the electronic device they’re using becomes infected.

Some applications advertised on social networking sites appear legitimate but install malicious code or rogue anti-virus software. These empty applications can give cyber criminals access to your profile and personal information. These programs will automatically send messages to your contacts, instructing them to download the new application too.

Infected users are often unknowingly spreading malware by having links to infected websites posted on their webpage without the user’s knowledge. Since the e-mail or video link appear to be endorsed by a friend, social networking contacts are more likely to click on these links.

Although social networking sites are generally a safe place to interact with friends and acquaintances, keep in mind these suggestions to protect yourself while navigating the Internet:

* Adjust website privacy settings. Some networking sites have provided useful options to assist in adjusting settings to help protect your identity. * Be selective when adding friends. Once added, contacts can access any information marked as viewable by all friends. * Limit access to your profile to only those contacts you trust with your personal information. * Disable options, such as photo sharing, that you might not regularly use. You can always enable these options later. * Be careful what you click on. Just because someone posts a link or video to their wall does not mean it is safe. * Familiarize yourself with the security and privacy settings and learn how to report a compromised account. * Each social networking site may have different procedures on how to handle a hijacked or infected account; therefore, you may want to reference their help or FAQ page for instructions.

If your account has been hijacked or infected, report it to by visiting www.ic3.gov or www.lookstoogoodtobetrue.com.

The Internet Crime Complaint Center is a partnership between the FBI and National White Collar Crime Center (NW3C).